Invisible, Dangerous, and Helpful Eyes All Around Us: Internet of Things

Joseph J. Suh

November 2018

In November, 2018, the Canadian Broadcasting Corporation (CBC) reported that Ferial Nijem had been harassed by her ex-partner through her home security system. Nijem’s ex-partner used the security system installed in the home they used to share to blare music, flicker the lights, and turn the TVs on and off in the middle of the night, causing Nijem significant anxiety. The system was originally installed to control various equipment in the house such as security cameras, blinds on the windows, a thermostat, and an entry door lock for security and convenience. This is just one event that showcases two major issues with the Internet of Things (IoT): security and privacy.

As demonstrated in the above example, IoT items may present security issues that interfere with a user’s control of home devices. Because her former partner had set the system’s password, Nijem was not able to take control of the home security system immediately without shutting down the home’s essential features. This, according to Josh Corman, chief security officer at a software firm, is what makes IoT security different from traditional IT systems. By connecting more physical systems—such as cameras, thermostat, and entry door locks—IoT systems can cause more personal and physical damage.

IoT devices also raise significant privacy concerns. Nijem’s security system was connected to surveillance cameras in her home—allowing her ex-partner to remotely monitor her activities from afar. Violating Nijem’s privacy by broadcasting the video on the Internet would have also been an easy task, according to another CBC report.

Consumers may fairly be concerned over personal information collected by IoT systems and likewise may seek to control what information automatically collected. However, there is little oversight over what data IoT can collect—or how it is traded to marketers. A 2016 study by 25 privacy regulators around the world found that current privacy protections are not sufficient. They found that 59% of devices failed to adequately explain to customers how their personal information was collected, used, and disclosed. This means any data collected by IoT systems may be used or repurposed in ways customers had not anticipated.

While the Internet of Things could bring about tremendous convenience, efficiency, and opportunities, it is not without its challenges. Since companies need to make profit quickly they may ignore important security and privacy issues. This is especially true for companies that may have limited time and resources. Users also need to know about their systems, including how to maintain appropriate security settings and how to regain control of their system if it is hacked. Certainly, the government can provide some oversight through legislation and guidelines from agencies such as Federal Trade Commission and National Institute of Standards and Technology. But in any case all parties need to address the safe use of the IoT in the future.